Bug 1510142 - Cannot ommit Compute->Containers->Containers from RBAC role.
Summary: Cannot ommit Compute->Containers->Containers from RBAC role.
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: UI - OPS
Version: 5.8.0
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: GA
: 5.8.3
Assignee: Harpreet Kataria
QA Contact: Antonin Pagac
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-11-06 18:30 UTC by Jarryd Novotni
Modified: 2022-07-09 09:09 UTC (History)
8 users (show)

Fixed In Version: 5.8.3.0
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-02-28 13:07:52 UTC
Category: ---
Cloudforms Team: CFME Core
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:0374 0 normal SHIPPED_LIVE Important: Red Hat CloudForms security, bug fix, and enhancement update 2018-02-28 18:04:37 UTC

Description Jarryd Novotni 2017-11-06 18:30:35 UTC 
Description of problem:
When creating a new role, I cannot prevent the user from seeing Compute->Containters->Containers. There is no checkbox available for it. 

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Create a new role and try to prevent that role from accessing Compute->Containers->Containers

Actual results:
I did not see a checkbox available for controlling access to that page.

Expected results:


Additional info:
Comment 2 Landon LaSmith 2017-11-17 04:04:28 UTC 
I was able to replicate this on 5.8.2.3. Any role that enables one more features under Compute -> Containers will display Compute -> Containers -> Containers by default.

In 5.9.0.9, access to Containers is controlled by the product feature Compute -> Containers -> Containers Explorer
Comment 3 Harpreet Kataria 2017-12-13 15:04:04 UTC 
https://github.com/ManageIQ/manageiq/pull/16658
Comment 4 CFME Bot 2017-12-13 17:46:04 UTC 
New commit detected on ManageIQ/manageiq/fine:
https://github.com/ManageIQ/manageiq/commit/43c7b295c97cd5767d91dd561d6e67b3af646fcf

commit 43c7b295c97cd5767d91dd561d6e67b3af646fcf
Author:     Harpreet Kataria <hkataria>
AuthorDate: Wed Dec 13 09:59:40 2017 -0500
Commit:     Harpreet Kataria <hkataria>
CommitDate: Wed Dec 13 09:59:40 2017 -0500

    Fixed product feature id for "Containers"
    
    This was causing Containers Explorer to be available when user's role had any of the other features access under Containers main tab. Due to the same "Containers Explorer" node was missing from User Role edit/details screen.
    
    Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1510142

 db/fixtures/miq_product_features.yml | 2 +-
 db/fixtures/miq_shortcuts.yml        | 2 +-
 db/fixtures/miq_user_roles.yml       | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)
Comment 5 Antonin Pagac 2018-01-03 15:53:10 UTC 
I could not reproduce the issue with 5.8.2.3.20171016155816_aaec796. I failed to have "Compute -> Containers -> Containers" displayed by adding any other feature under Conpute -> Containers. I can't see that feature in the tree and I can't see "Containers Explorer" feature either.

Using 5.8.3.0.20171213193853_f1b4a89, I can see the "Containers Explorer" feature and user with this feature enabled can access Computer -> Containers -> Containers page. I can omit this feature successfully.

Marking as verified in 5.8.3.0.
Comment 8 errata-xmlrpc 2018-02-28 13:07:52 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:0374
Note You need to log in before you can comment on or make changes to this bug.